Many companies are finding that there is a market shortage of individuals trained to handle the DPO’s responsibilities. Tapping into external expertise will help your organisation address the compliance demands of the GDPR while staying focused on your core business activities.
With this annual subscription service, you can rapidly and cost-effectively access the expertise you need for addressing GDPR compliance. Via a simple subscription, Northdoor provides an expert Data Protection Advisor as required to serve as an independent data protection specialist. Your Advisor can assist with the implementation of privacy-by-design and data protection impact assessments, serve as the contact point for data protection authorities, and oversee data breach management and reporting.
Northdoor can provide the following related services:
GDPR sets out just three cases in which you must appoint a DPO; does your business fall into these categories?
1. Your organisation is a public authority or body
In the UK, all government departments, agencies and other public bodies must appoint a DPO. This includes local councils: 15% of which have yet to appoint a DPO (ICO, March 2017).
2. Your core business activity is monitoring individuals regularly and systematically on a large scale
Surprisingly, this can include paying employees, providing standard IT support, email remarketing and location tracking through apps.
3. Your core business activity consists of processing large-scale special categories of personal data or data relating to criminal offences
GDPR defines ‘special categories of personal data’ as ethnic origin, political opinions, religious beliefs, physical and mental health (among others). If you process this type of data on a large scale, including data relating to criminal offences, you must appoint a DPO.